Hi, Nin Gen <[email protected]> writes:
> Version 115.16.0, first offered to ESR channel users on October 1, 2024 > > Firefox ESR 115 is now supported only on Windows 7-8.1 and macOS > 10.12-10.14. Users on other operating systems should use Firefox ESR 128 > instead. > source: https://www.mozilla.org/en-US/firefox/115.16.0/releasenotes/ Thanks for this report. I've not been overly concerned about this, because during my 10 years of maintaining the IceCat package in GNU Guix, I've noticed that it is rare for Firefox ESR security updates to affect only GNU/Linux systems. Moreover, I expect that security flaws in the GNU/Linux-specific code of ESR 115 most likely also exist in ESR 128, and if such a flaw were discovered, it would be publicized by Mozilla in connection with ESR 128. As of now, that has not happened. I've been more concerned about the possibility of malicious functionality that might have been added in the upstream ESR 128 branch relative to ESR 115. That said, I acknowledge that this is not a satisfactory situation, especially given that the published list of bug fixes in 115.18.0esr (mfsa2024-65) is unexpectedly short compared to the fixes in 128.5.0esr (mfsa2024-64). I will start working on the IceCat 128 branch in the next few days. Best regards, Mark
